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DETAILED ACTION 

Claims 1-25 are pending. 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

This application currently names joint inventors. In considering patentability of the 
claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of the various 
claims was commonly owned at the time any inventions covered therein were made absent any 
evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out 
the inventor and invention dates of each claim that was not commonly owned at the time a later 
invention was made in order for the examiner to consider the applicability of 35 U.S.C. 103(c) 
and potential 35 U.S.C. 102(e), (0 or (g) prior art under 35 U.S.C. 103(a). 

Claims 1-25 are rejected under 35 U.S.C. 103(a) as being unpatentable over 3GPP TS 
33.102 v5.1.0 (herein 3G Security) in view of UMTS security. 

Regarding claim 1 : 

3G Security discloses a method in a communication system wherein a serving controller 
is configured to support a first security mechanism and at least one other security mechanism, the 
method comprising: 

sending a request from a user equipment to a serving controller (page 29 step 2 of figure 
14, the MS (mobile station) transfers to VLR/SGSN the initial L3 message); 
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determining, based on the request, in a second controller that the user equipment supports 
a second security mechanism other than a first security mechanism (page 29 steps 1 and 4 of 
figure 14, the VLR/SGSN determines which UIAs and UEAs (UMTS Integrity and Encryption 
Algorithms respectively; page 30 step 5 of figure 14, VLR/SGSN sends the RANAP (radio 
access network application part) message Security Mode Command to the SRNC; it contains an 
ordered list of allowed UEAs and UIAs in order of preference; page 30 step 7, SRNC chooses 
the UEA and UIA); 

sending from the second controller to the serving controller an indication that the second 
security mechanism than the first security mechanism is used by the user equipment (page 30 
step 1 1 of figure 14, SRNC sends VLR/SGSN Security Mode Complete response, including 
selected algorithms); and 

sending a challenge in accordance with a security mechanism from the serving 
controller to the user equipment (page 28 last paragraph, figure 1 4 (steps 1-11) are at 
initial connection establishment, possible authentication, and start of integrity protection 
and possible ciphering; page 20 figure 7 shows the generation of the cipher key (CK) 
and integrity key (IK) using f3 (UEA) and f4 (UIA) respectively; page 21 figure 8, 
discloses VLR/SGSN performing and authentication challenge (AUTN) with the USIM 
(on the user equipment)). 

3G Security does not disclose sending a request for registration. UMTS security 
discloses sending a request for registration (figure 7 page 202) from the UE 
(corresponding to MS of 3G Security) to the serving controller (S-CSCF corresponding 
to the SRNC). 
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It would have been obvious to one of ordinary skill in the art to modify the method 
of 3G Security to incorporate IMS of UTMS Security in order to deliver IP multimedia 
services to end users. 

Regarding claim 2: 

3G Security discloses a method as claimed in claim 1, further comprising: including a 
response to the challenge in a message from the user equipment to the serving controller (page 
23 first and second paragraphs, user equipment sends RES (response) to the challenge to 
VLR/SGSN). 

Regarding claim 3: 

3G security discloses a method as claimed in claim 2, further comprising: using 
the response for authentication of the message at the serving controller (page 23 
second paragraph, if expected response is equal to response, then the authentication of 
the user has passed). 

Regarding claim 4: 

3G Security discloses a method as claimed in claim 1, further comprising: providing the 
second controller comprising a network entity providing proxy (page 29 VLR/SGSN performs 
security functions and access control). 3G Security does not disclose the second controller 
comprising a proxy call session control function. UMTS security discloses in figure 7 on page 
202 a P-CSCF (corresponding to the VLR/SGSN of 3G Security). 

It would have been obvious to one of ordinary skill in the art to modify the method of 3G 
Security to incorporate IMS of UTMS Security in order to deliver IP multimedia services to end 
users. 



Application/Control Number: 10/760,521 Page 5 

Art Unit: 2139 

Regarding claim 5: 

3G Security discloses a method as claimed in claim 1 , wherein the step of 
sending the request for registration from the user equipment to the serving controller 
comprises sending a challenge from the serving controller to the user equipment (page 
21 figure 8, discloses VLR/SGSN performing and authentication challenge (AUTN) with 
the USIM (on the user equipment)), sending a response to the challenge from the user 
equipment (page 23 first and second paragraphs, user equipment sends RES 
(response) to the challenge to VLR/SGSN), and registering the user equipment to the 
serving controller only if a satisfactory response is received from the user equipment 
(page 23 second paragraph, if expected response is equal to response, then the 
authentication of the user has passed), and sending a further challenge to the user 
equipment after the registration step is completed (page 30, the nonce FRESH is sent 
from the VLR/SGSN to the UE; page 34, FRESH is a network side nonce; it is inherent 
that the nonce is used as a means of authenticating the MS in order to prevent replay 
attacks). 

Regarding claim 6: 

3G Security discloses a method as claimed in claim 1, further comprising: obtaining data 
for sending the challenge from a user information database (page 41 second paragraph, 
authentication challenge is retrieved from a local database). 

Regarding claim 7: 
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3G Security discloses a method as claimed in claim 1, wherein the step of sending the 
challenge comprises sending the challenge comprising an authentication vector (figure 5 on page 
18, shows the challenge comprising an authentication vector). 

Regarding claim 8: 

3G Security discloses a method as claimed in claim 1 , but does not disclose 
providing the first security mechanism comprising a security mechanism in accordance 
with a Secure Internet Protocol. UMTS security discloses using IPsec (page 203, 
integrity protection using IPsec ESP). It would have been obvious to one of ordinary 
skill in the art at the time of invention to modify the method of 3G Security to include 
IPsec as disclosed in UTMS security in order to make messages integrity protected 
(page 203, Integrity protection using IPsec ESP). 

Regarding claim 9: 

3G Security discloses a method as claimed in claim 1, but does not disclose providing the 
second security mechanism comprising a security mechanism in accordance with a Hypertext 
Transfer Digest protocol. UMTS security discloses using HTTP Digest (page 202, 
Authentication using HTTP Digest AKA). It would have been obvious to one of ordinary skill in 
the art at the time of invention to modify the method of 3G Security to include HTTP Digest as 
disclosed in UTMS security in order to provide secure authentication (pages 202-203, 
Authentication using HTTP Digest AKA). 

Regarding claim 10: 

3G Security discloses a method as claimed in claim 1 , but does not disclose 
sending of at least the challenge or a response in a message in accordance with a 



Application/Control Number: 10/760,521 Page 7 

Art Unit: 2139 

Session Initiation Protocol. UMTS security discloses sending the challenge and 
response in accordance with SIP (pages 202 and 203, Authentication using HTTP 
Digest AKA). It would have been obvious to one of ordinary skill in the art to modify the 
method of 3G Security to incorporate SIP of UTMS Security in order to create, modify, 
and terminate sessions with one or more participants. 
Regarding claim 1 1 : 

3G Security discloses a method as claimed in claim 1, but does not disclose registering 
the user equipment with a serving controller of an Internet Multimedia Subsystem. UMTS 
security discloses registering the UE with a serving controller of an IMS (page 201, Security 
architecture for the DP multimedia subsystem). It would have been obvious to one of ordinary 
skill in the art to modify the method of 3G Security to incorporate EMS of UTMS Security in 
order to deliver IP multimedia services to end users. 

Regarding claims 12 and 13: 

3G Security discloses a method as claimed in claim 2, further comprising: including in 
the request for registration a list of security mechanisms supported by the user equipment (page 
29 step 1, MS sends sends the UE security capabilities in a list format); concluding at the second 
controller based on the list that the user equipment supports the second security mechanism 
instead of the first security mechanism (page 29 step 4, the VLR/SGSN determines which UIAs 
and UEAs are allowed to be used in order of preference); an indication that the second security 
mechanism is to be used (page 30 step 5, the VLR/SGSN orders the list as the most preferable 
occurring at the top of the list); and forwarding the request to the serving controller (page 30 step 
5, VLR/SGSN transmits to the SRNC). 
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3G Security does not disclose the use of including the lists in the headers. It would have 
been obvious to one of ordinary skill in the art at the time of invention to modify the headers to 
include the lists of security mechanisms in order to inform the receiver of how to handle the data 
block. 

Regarding claim 14: 

3G Security discloses a method as claimed in claim 3, further comprising: providing the 
message comprising a request for a service provided by an application server. . It is inherent in an 
IMS to deliver IP multimedia services to end users, thus a request for a service provided by an 
application server would have been obvious to one of ordinary skill in the art at the time of 
invention. 

Regarding claims 15-25: 

Claims 15-25 correspond to the system disclosed in the rejection of claims 1-14 and are 
rejected under the same art and reasoning as claims 1-14. 

Conclusion 

The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. Prior art discloses UTMS and IMS methods and systems for security. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to James Turchen whose telephone number is 571-270-1378. The 
examiner can normally be reached on MTWRF 7:30-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571)272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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